AWS Managed Service by InterVision Service Guide
AWS Managed Service by InterVision Service Guide
SERVICE GUIDE
CONTENTS
1 Overview ....................................................................................................1
2 Service Description and Details ........................................................1
2.1 Cloud Service Delivery Manager ..................................................................... 4
2.2 Cloud Architect....................................................................................................... 4
2.3 Supported AWS Services .................................................................................... 5
3 Roles and Responsibilities ...................................................................6
4 Monitoring ..............................................................................................17
5 Reporting.................................................................................................17
6 Service Activation ................................................................................18
6.1 On-boarding .......................................................................................................... 18
6.2 Off-boarding Assistance................................................................................... 18
7 Service Delivery....................................................................................19
7.1 Governance ........................................................................................................... 19
7.2 Contact and Escalation ..................................................................................... 19
7.3 Escalation Path..................................................................................................... 19
7.4 Service Level Objective and Agreements.................................................. 20
8 Terms & Conditions.............................................................................23
9 Service Items..........................................................................................23
10 Definitions...............................................................................................24
PAGE: 2
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
1 OVERVIEW
The AWS Managed Service (AMS) by InterVision is a managed service for operations of your AWS environments.
This Service combines InterVision Managed Services with AWS Managed Service (provided by AWS) to provide a
broad suite of infrastructure operations, IT management and ongoing improvements. This Service includes
InterVision services personnel comprising of a Cloud Service Deliver Manager, a Cloud Architect and managed
services team to assist, when required, with service requests in to the AMS service offerings.
AMS by InterVision provides the tools, processes and personnel for the ongoing operations management such as
patch, continuity management, security management and IT processes such as incident, change and service
requests. The Service is available in two service levels - Plus and Premium - which defines the level of
responsiveness for service requests, change requests and incidences. These service levels can selectively applied
based upon application requirements.
This service can be combined with additional InterVision services including Migration, DevOps, Network and
Security management and other services. See associated service guide and service description for details regarding
these additional services. This Service Guide covers the AWS Managed Service by InterVision.
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 1
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
Managed Services to perform most patching activities. AWS Managed Services applies Critical Security
Updates outside of the selected maintenance window and Important Updates during the selected
maintenance window. AWS Managed Services will notify the customer in advance with the details of the
upcoming updates. Customers can exclude Stacks from Patch Management or reject updates. With AMS
Patch Orchestrator, a default maintenance window per account is defined by the customer for AWS
Managed Services to perform patching activities. Customers can schedule additional custom maintenance
windows for AWS Managed Services to patch a specific set of instances defined by customers via Tags. AWS
Managed Services will apply all available Updates, but customers can filter or reject updates by creating a
custom patch baseline. For both models, if the customer approves or rejects an update provided under Patch
Management but later changes their mind, the customer is responsible for initiating the update via RFC.
AWS Managed Services will track the patch status of resources and highlight systems that aren’t current in
the monthly business review. Patch Management is limited to Stacks in the Managed Environment, including
all AWS Managed Services Managed Applications and supported AWS services with patching capabilities
(e.g. RDS). In order to support all types of infrastructure configurations when an update is released, AWS
Managed Services a) updates the EC2 instance and b) provides an updated AWS Managed Services AMI for
the customer to use. It is the customer’s responsibility to install, configure, patch, and monitor any additional
applications not specifically covered above.
5. Change Management – AWS Managed Services offers Change Management, which is the mechanism for
customers to get access to or affect any changes in their Managed Environment. The customer creates a
Request for Change (RFC) using the AWS Managed Services Interface. Most RFCs requested by the
customer will be executed automatically. AWS Managed Services also creates RFCs to access customer
resources or make changes. All RFCs follow a defined Change Management process. Access to customer
resources within a Managed Production Environment is authorized through RFCs, while access to customer
resources in a Managed Non-production Environment is authorized through RFC and, optionally, through a
specialized Customer Developer IAM role (“Developer Mode”) upon request. AWS Managed Services
approves and executes RFCs that can be executed using the features or functionalities of AWS services.
The customer may designate a start time for the requested change to be performed through the RFC
process. Customers can also use Change Management to configure AWS Service Offerings in the Managed
Environment.
6. Automated and Self-Service Provisioning Management – Customers can provision AWS resources on AWS
Managed Services in several ways: 1) submit provisioning and configuration Change Types, 2) deploy AMS-
provided securityhardened AMIs inclusive of the customer application, 3) deploy full Stacks using
CloudFormation templates, 4) deploy via their integrated ITSM, and 5) configure AWS services directly
using Self-service Provisioning for select AWS services (see “Supported AWS Services”). To provide Self-
service Provisioning capabilities, AWS Managed Services has created elevated IAM roles with permission
boundaries to limit unintended changes from direct AWS service access. Roles do not prevent all changes
and the customer is responsible to adhere to their internal controls, compliance, and validate that all AWS
services being used meet the required certifications5. For resources provisioned through Self-Service,
AWS Managed Services provides Incident Management, Detective Controls and Guardrails, Reporting,
Designated Resources (Cloud Service Delivery Manager and Cloud Architect), Security & Access, and
technical support via Service Requests. Additionally, where applicable, the customer assumes responsibility
for continuity management, patch management, infrastructure monitoring, and change management for
resources provisioned and/or configured outside of AWS Managed Services Change Management system.
7. Incident Management – AWS Managed Services proactively notifies customers of Incidents detected by
AWS Managed Services. AWS Managed Services responds to both customer-submitted and AMS-generated
Incidents and resolves Incidents based on the Incident priority6 . Unless otherwise instructed by the
customer, Incidents that are determined by AWS Managed Services to be a risk to the security of the
customer’s Managed Environment and Incidents relating to the availability of AWS Managed Services and
other AWS services will be proactively actioned. AWS Managed Services takes action on all other Incidents
once customer authorization is received. Recurring Incidents are addressed by the Problem Management
Process.
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 2
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
8. Problem Management - AWS Managed Services performs trend analysis to identify and investigate
Problems and to identify the root cause. Problems are remediated either with a workaround or a permanent
solution that prevents recurrence of similar future service impact. A Post Incident Report (PIR) may be
requested for any Priority 1 Incident upon resolution. The PIR captures the root cause and preventative
actions taken, including implementation of preventative measures.
9. Reporting – AWS Managed Services provides customers with a monthly service report which summarizes
key performance metrics of AWS Managed Services, including an executive summary and insights,
operational metrics, managed resources, AMS SLA adherence, and financial metrics around spend, savings
and cost optimization. Reports are delivered by an AMS Cloud Service Delivery Manager (CSDM) assigned
to the customer.
10. Service Request Management – Customers can request information on their Managed Environment, AWS
Managed Services, or AWS Service Offerings by submitting Service Requests using the AWS Managed
Services Interface. Service Request types also include "How to" questions about AWS services and features,
troubleshooting API issues, customer service requests and technical support cases.
11. Service Desk – AWS Managed Services staffs engineering operations with full-time Amazon employees to
fulfill nonautomated requests including Incident Management, Service Request Management, and Change
Management. The Service Desk operates 24 x 7 365 days a year.
12. Designated Resources – Each Customer is assigned a Cloud Service Delivery Manager (CSDM) and a Cloud
Architect (CA). 1) CSDMs can be contacted directly, perform service reviews, and delivery reporting and
insights through all phases of the implementation, migration and operational life cycle. CSDMs conduct
monthly business reviews and detail items such as financial spend, cost-saving recommendations, service
utilization, and risk reporting. They dive deep into operational performance statistics and provide
recommendations of areas of improvements. 2) CAs can be contacted directly and provide technical
expertise to help customers optimize their use of AWS Cloud. Example activities include, workload selection
for migration, assisting with the on-boarding additional accounts and workloads, acting as the technical lead
in operational activities such as game days, disaster recovery testing, problem management, and technical
advice to get the most out of AWS Managed Services and AWS. CAs drive technical discussions at all levels
of the customer’s organization and will assist with incident management, making trade-offs, establishing
best practices, and technical risk mitigation.
13. Developer Mode – This feature enables developers and migration teams to iterate their designs quickly
within AWS Managed Services-configured Plus accounts7 by allowing direct access to AWS service APIs
and the AWS Console. Once architectural designs and configurations have been finalized, customers can
test their integration within the same account by creating and submitting an AWS CloudFormation template
via an automated Request for Change. Finalized templates also follow the same automated Request for
Change provisioning process in staging and production accounts. Any workloads provisioned via Change
Management in Developer Mode enabled accounts will be supported like any other workload on AWS
Managed Services, and can be used for long-running test workloads that mirror production environment.
Resources provisioned and/or configured outside of the Change Management process are the responsibility
of customers to manage (See “6. Automated and Self-Service Provisioning Management).
14. Enterprise Support – Accounts enrolled in AWS Managed Services will receive Enterprise-level Premium
Support at no additional cost, subject to the following limitations:
a. All support services may be provided directly by AWS Managed Services personnel.
b. AWS Managed Services customers will not receive training discounts or credits unless they are entitled to
such credits under a separate agreement.
c. If AWS Managed Services is enabled on an evaluation basis, AWS Managed Services Evaluation Accounts
will not receive Enterprise-level Premium Support during the evaluation period.
Additional information concerning Enterprise Support can be found at https://aws.amazon.com/
premiumsupport/plans/enterprise/.
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 3
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
1
See “Supported AWS Services” section below for a list of supported AWS services.
2
Refer to the AWS Managed Services User Guide for details on which supported AWS services have logging and
monitoring enabled.
3
See “Supported Configuration” section below for a list of approved directory services.
4
See “Supported Configuration” section below for a list of supported operating systems.
5
See https://aws.amazon.com/compliance/ for details on AWS compliance requirements.
6
See the AWS Managed Services Service Level Agreement1 for more information.
7
See the AWS Managed Services Service Level Agreement2 for more information on Plus Accounts.
Supported Configuration
• Supported Language - Intervision and AWS Managed Services is available in English
• Supported Operating Systems – AWS EC2 created AMIs for RHEL 7.x, RHEL 6.5+, Microsoft Windows
Server 2019, Microsoft Windows Server 2016, Microsoft Windows Server 2012, Microsoft Windows Server
2012 R2, Microsoft Windows Server 2008 R2, Amazon Linux and Amazon Linux 2, Cent OS 6.5+, Cent OS
7.x, and SUSE Linux Enterprise Server 12 SP4
• Supported AWS Regions – US East (Virginia), US West (N. California), US West (Oregon), US East (Ohio),
Canada (Central), South America (São Paulo), EU (Ireland), EU (Frankfurt), EU (London), Asia Pacific
(Mumbai), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo)
• Supported Security Software – Deep Security from Trend Micro
• Approved Directory Services – Microsoft Active Directory (AD)
1 https://s3.amazonaws.com/ams.contract.docs/AWS+Managed+Services+Service+Level+Agreement.pdf
2 https://s3.amazonaws.com/ams.contract.docs/AWS+Managed+Services+Service+Level+Agreement.pdf
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 4
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
3 https://intranet.intervision.com/display/PT/InterVision+AWS+Managed+Service+Addendum+-+Rate+Card
4 https://docs.aws.amazon.com/managedservices/latest/userguide/ams-sd.html#features
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 5
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
Amazon Rekognition*
Amazon SageMaker*
Amazon SimpleDB*
Amazon Simple Workflow*
Amazon Textract*
Amazon Transcribe*
Amazon Translate*
Amazon WorkDocs*
Amazon WorkSpaces*
AWS AppSync*
AWS Audit Manager*
AWS Batch*
AWS Certificate Manager*
AWS CloudEndure*
AWS CloudHSM*
AWS CodeBuild*
AWS CodeCommit*
AWS CodeDeploy*
AWS CodePipeline*
AWS DataSync*
AWS Elemental MediaLive*
AWS Glue*
AWS Lambda*
AWS MigrationHub*
AWS Outposts**
AWS Secrets Manager*
AWS Security Hub*
AWS Service Catalog
AWS Transfer for SFTP*
AWS Shield*
AWS Snowball*
AWS Step Functions*
AWS Transit Gateway*
AWS WAF*
AWS X-Ray*
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 6
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
Application Migration R* I
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 7
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
Application development R I
Application deployment R* C, I
Application monitoring R* I
Application testing/optimization R* I
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 8
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
Recommend RI optimization C R
S3 configuration C R
Self-Service Provisioning R C, I
Glacier configuration C R
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 9
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
DB table design R* I
DB indexing R* I
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 10
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
DB log analysis R* I
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 11
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 12
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
AWS Managed
Services
Problem Management Customer
by InterVision
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 13
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 14
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 15
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
Validate backups R I
Reporting AWS Managed
Services
Customer
by InterVision
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 16
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
* Items marked with "*" are items that InterVision Professional Services can augment client responsibility.
4 MONITORING
AMS by InterVision provides monitoring, event management, and log management. This is described in the Service
Description section 1 earlier in this document.
The following services are monitored:
• ALB instance, target
• Aurora
• EC2
• EC2 - Trend Micro Endpoint Protection (security alerts)
• Elastic Cache Node
• Elastic Search cluster, domain, instance
• ELB
• GuardDuty (security alerts)
• Managed Active Directory
• NLB instance
• RDS instance
• RedShift cluster
• Amazon Macie (security alerts). Note Macie is not configured for all accounts. Must be requested.
Detailed Monitoring documentation can be provided. NDA required.
5 REPORTING
The Services provides customers with a monthly service report which summarizes key performance metrics of
AWS Managed Services, including an executive summary and insights, operational metrics, managed resources,
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 17
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
AMS SLA adherence, and financial metrics around spend, savings and cost Reports are delivered by an InterVision
Cloud Service Delivery Manager (CSDM) assigned to the customer.
Service reviews will be scheduled and conducted by the InterVision Cloud Service Delivery Manager. Reviews will
be scheduled at a minimum of a quarterly basis and may occur on a more frequent basis depending upon the overall
account size.
6 SERVICE ACTIVATION
6.1 ON-BOARDING
The Services delivers a dedicated AWS landing zone within prescriptive architecture and operating environment.
InterVision and AWS will work together with you to build out this environment and initiate managed services for
you to initiate application migration and operations. The InterVision team will guide you through onboarding
process and the creation of the following accounts: master account, network account, shared service account,
logging account, security account and service region(s).
Onboarding will work with to establish the following:
• IAM Roles
• IAM Access to console
• Multi-factor Authentication (MFA)
• AWS Marketplace subscription for Trend Micro Endpoint Protection
• Set up networking
• Set up firewall
• Set up access management
• Set up Active Directory federated access
• Set up VPCs for applications
InterVision is responsible for providing project management for the AMS onboarding project. AWS is responsible
for AWS Managed Services Account design and build. Specific client dependencies for the onboarding project is
detailed in the Roles and Responsibility table above. Detailed onboarding documentation can be provided under
NDA.
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 18
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
7 SERVICE DELIVERY
7.1 GOVERNANCE
Customers are designated a Cloud Service Delivery Manager (CSDM) who provides advisory assistance across
AWS Managed Services and has a detailed understanding of the customer’s Managed Environment. CSDMs work
with Account Managers, AWS Managed Services Cloud Architects, AWS Solution Architects, and support teams, as
applicable, to help launch new projects and give best practices recommendations throughout the software
development and operations processes. The CSDM is the primary point of contact for AWS Managed Services. Key
responsibilities of CSDM are:
1. Organize and lead monthly service review meetings with
2. Provide details on security, software updates for environment and opportunities for
3. Champion customer’s requirements including feature requests for AWS Managed
4. Respond to and resolve billing and service reporting
5. Provide insights for financial and capacity optimization
Automated RFCs 24 x 7 24 x 7
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 19
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
1. For urgent incidences and requests, a ticket should be opened directly with AWS Managed Service (AMS)
via the AMS portal.
2. For assistance Requests For Change (RFC), InterVision will assist. InterVision support is initated by opening
a ticket online at http://service.hostedcafe.com.
Customer contacts with AWS Managed Services that require escalation will follow the escalation path below.
1. Cloud Service Delivery Manager: "CSDM Name"@hostedcafe.com
2. AWS Managed Services Operations Manager: [email protected]
3. AWS Managed Services Director: [email protected]
4. AWS VP: [email protected]
With respect to incident management, InterVision will use commercially reasonable efforts to meet the following
Service Level Objectives. For AWS Managed Service by InterVision, the Service Level Objectives include SLAs from
InterVision and/or AWS as detailed below. AWS Managed Service SLA pertaining to AWS responsibilities are
subject to modification by AWS.
Change request resolution time objective may be impacted if an AWS security reviews is required and/or receiving
enough information to execute the change.
The following Service Credits will apply and will be based on a full month of service unless otherwise specified in a
Service Guide.
5 mailto:[email protected]
6 mailto:[email protected]
7 mailto:[email protected]
8 https://s3.amazonaws.com/ams.contract.docs/AWS+Managed+Services+Service+Level+Agreement.pdf
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 20
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
* Service credit, if a percentage, is based on the monthly fees of the applicable Service. In no event shall the Service
Credit be greater than the total monthly fees for the applicable Service.
Client may also make a request for change directly to AWS. In this case the InterVision MACD SLA does not apply.
For example, if the Priority 1 incident is reported to InterVision to address, the InterVision P1 response and
assignment times will apply prior to AWS initiating the P1 incident response process and the AWS response time
and resolution time is initiated. A priority 1 incident with an AWS Premium service level can take up to 30-minute
for InterVision to process prior to AWS initiating their 15-minute response and 4-hour resolution SLA for a total of
4-1/2 hours for resolution.
9 https://s3.amazonaws.com/ams.contract.docs/AWS+Managed+Services+Service+Level+Agreement.pdf
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 21
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
Due to the added time to engage InterVision in P1 urgent incident responses it is recommended that the client
open tickets directly with AWS managed service. InterVision will be informed and engaged as necessary.
Service Credits: InterVision response time service credits in section 11.1 will apply to InterVision conformance.
AWS service credits as outline the AWS Managed Service SLA10 will be passed through to the client.
For example, if the Priority 1 incident is reported to AWS to address, the AWS P1 incident response process and
the AWS response time and resolution time is initiated.
AWS service credits as outline the AWS Managed Service SLA12 will be passed through to the client.
11.4 Additional SLA items.
AWS provides additional SLAs for the following:
Patch Management – Patching time for critical security patches
• Plus level is within 10 business days of release by the vendor
• Premium level is within 8 calendar days of release by the vendor
Continuity Management - Environment Recovery Initiation Time
10 https://s3.amazonaws.com/ams.contract.docs/AWS+Managed+Services+Service+Level+Agreement.pdf
11 https://s3.amazonaws.com/ams.contract.docs/AWS+Managed+Services+Service+Level+Agreement.pdf
12 https://s3.amazonaws.com/ams.contract.docs/AWS+Managed+Services+Service+Level+Agreement.pdf
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 22
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
• Plus level is <=12 hours
• Premium level is <=4 hours
AMS API and Console Availability is >=99.95%
AWS service credits as outline the AWS Managed Service SLA13 will be passed through to the client upon request.
9 SERVICE ITEMS
InterVision AWS Managed Service - inclusive of the AMS service, InterVision CSDM, CA and Service Desk.
Complimentary Services not detailed in this Service Guide:
• InterVision AWS Migration Services
• InterVision AWS Professional Services - Cloud Architect, Security Engineer, Data Scientist, Infrastructure
Engineer, Project Manager, IT Consultant
• InterVision Infrastructure Managed Services - for non-AWS managed infrstructure items such as 3rd party
Firewalls, Load Balancers, Security Services, etc.
• InterVision Security Managed Services - SIEM, Vulnerability Scanning, etc.
• InterVision Resiliency Managed Services
13 https://s3.amazonaws.com/ams.contract.docs/AWS+Managed+Services+Service+Level+Agreement.pdf
14 https://aws.amazon.com/service-terms/
15 https://aws.amazon.com/service-terms/
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 23
AWS MANAGED SERVICE BY INTERVISION - SERVICE GUIDE
10 DEFINITIONS
An “Alert” is created whenever an Event from a supported AWS service exceeds a threshold and triggers an alarm.
“AWS Managed Services Interface” comprises of the AWS Managed Services Console, AWS Managed
Services Command Line Interface (CLI) and the AWS Managed Services APIs.
“AWS Managed Services Managed Applications” include all applications required to deliver a feature or capability
of AWS Managed Services. AWS Managed Services Managed Applications are managed for the customer as a part
of the Managed Environment. Examples include: proxy services, bastion software, managed Active Directory, and
security services.
A “Critical Security Update” means a security update rated as “Critical” by the vendor of a Supported
Operating System.
An “Event” indicates a change of state in your Managed Environment.
An “Important Update” means an update rated as “Important” or a non-security update rated as “Critical” by
the vendor of a Supported Operating System.
An “Incident” is an unplanned interruption or performance degradation of the Managed Environment or
AWS Managed Services that results in a customer impact as reported by AWS Managed Services or the customer.
“Managed Environment” refers to one or more AWS accounts and the resources within those accounts owned by
the customer but under the management of AWS Managed Services.
“Managed Production Environment” refers to a customer account where the customer’s production
applications reside.
“Managed Non-production Environment” refers to a customer account that only contains non-
production applications, such as for Development and Testing.
A “Problem” is a shared underlying root cause of one or more Incidents.
A “Request for Change” or “RFC” is a request created by either the customer or AWS Managed Services through
the AWS Managed Services Interface to make a change in the customer’s Managed Environment.
“Change Type” is the method used when submitting an RFC to indicate the type and nature of a change request.
A “Stack” is a group of one or more AWS resources that are managed as a single unit.
“Preventative Controls” are configurations inherent to AWS Managed Services that improve the security and
operating posture of our customers’ environments, such as security-hardened Amazon Machine Images (AMI),
AWS Identity and Access Management (IAM) roles with permission boundaries, networking configurations, and
managed security software and services.
“Detective Controls” are a library of AWS Managed Services created monitors which provide ongoing oversight
of customer environments and workloads for configurations that do not align with security, operational, or
customer controls, and take action by notifying owners, modifying, or terminating resources.
Copyright © 2020 InterVision Systems, LLC. All rights reserved | Confidential - Do Not Distribute PAGE: 24